Text Exploits

31,386 exploits tracked across all sources.

Sort: Activity Stars
CVE-2018-5715 EXPLOITDB MEDIUM text
SugarCRM 3.5.1 - Cross-Site Scripting via Query String Parameter Name
phprint.php in SugarCRM 3.5.1 has XSS via a parameter name in the query string (aka a $key variable).
by Guilherme Assmann
CVSS 6.1
CVE-2018-5705 EXPLOITDB MEDIUM text
Reservo Image Hosting 1.6 - Cross-Site Scripting via Search Parameter
Reservo Image Hosting 1.6 is vulnerable to XSS attacks. The affected function is its search engine (the t parameter to the /search URI). Since there is an user/admin login interface, it's possible for attackers to steal sessions of users and thus admin(s). By sending users an infected URL, code will be executed.
by Dennis Veninga
CVSS 6.1
EIP-2026-101642 EXPLOITDB text
D-Link DSL-2640R - DNS Change
by Todor Donev
EIP-2026-101558 EXPLOITDB text
Belkin N600DB Wireless Router - Multiple Vulnerabilities
by Wadeek
CVE-2018-5726 EXPLOITDB CRITICAL text
MASTER IPCAMERA01 <3.3.4.2103 - Info Disclosure
MASTER IPCAMERA01 3.3.4.2103 devices allow remote attackers to obtain sensitive information via a crafted HTTP request, as demonstrated by the username, password, and configuration settings.
by Raffaele Sabato
CVSS 9.8
CVE-2018-25120 EXPLOITDB CRITICAL text
D-Link DNS-343 ShareCenter <1.05 - Command Injection
D-Link DNS-343 ShareCenter devices running firmware versions up to and including 1.05 contain a command injection vulnerability in the Mail Test functionality. The web maintenance script posts to the internal goForm endpoint '/goform/Mail_Test' and uses several form parameters directly in a call to a system email utility without proper input validation. An unauthenticated remote attacker can supply crafted form data that injects shell commands, resulting in execution as root on the device. NOTE: The DNS-343 product line has been declared end-of-life.
by GulfTech Security
CVSS 9.8
CVE-2017-17999 EXPLOITDB CRITICAL text
RISE Ultimate Project Manager 1.9 - SQL Injection via Search Parameter
SQL injection vulnerability in RISE Ultimate Project Manager 1.9 allows remote attackers to execute arbitrary SQL commands via the search parameter to index.php/knowledge_base/get_article_suggestion/.
by Ahmad Mahfouz
CVSS 9.8
CVE-2017-17976 EXPLOITDB CRITICAL text
Perfex CRM 1.9.7 - Unrestricted File Upload and Remote Code Execution
In Utilities.php in Perfex CRM 1.9.7, Unrestricted file upload can lead to remote code execution.
by Ahmad Mahfouz
CVSS 9.8
CVE-2018-5479 EXPLOITDB MEDIUM text
FoxSash ImgHosting 1.5 - Cross-Site Scripting via Search Parameter
FoxSash ImgHosting 1.5 (according to footer information) is vulnerable to XSS attacks. The affected function is its search engine via the search parameter to the default URI. Since there is an user/admin login interface, it's possible for attackers to steal sessions of users and thus admin(s). By sending users an infected URL, code will be executed.
by Dennis Veninga
CVSS 6.1
CVE-2018-5688 EXPLOITDB MEDIUM text VERIFIED
ILIAS < 5.2.4 - Cross-Site Scripting via Setup Component cmd Parameter
ILIAS before 5.2.4 has XSS via the cmd parameter to the displayHeader function in setup/classes/class.ilSetupGUI.php in the Setup component.
by Florian Kunushevci
CVSS 6.1
EIP-2026-107114 EXPLOITDB text
Flash Operator Panel 2.31.03 - Command Execution
by Vulnerability-Lab
EIP-2026-106537 EXPLOITDB text
Domains & Hostings Manager PRO 3.0 - Authentication Bypass
by Tauco
EIP-2026-106328 EXPLOITDB text
D-Link DNS-325 ShareCenter < 1.05B03 - Multiple Vulnerabilities
by GulfTech Security
EIP-2026-104959 EXPLOITDB text
Adminer 4.3.1 - Server-Side Request Forgery
by hyp3rlinx
CVE-2017-3528 EXPLOITDB MEDIUM text VERIFIED
Oracle E-Business Suite 12.1.3-12.2.6 - RCE
Vulnerability in the Oracle Applications Framework component of Oracle E-Business Suite (subcomponent: Popup windows (lists of values, datepicker, etc.)). Supported versions that are affected are 12.1.3, 12.2.3, 12.2.4, 12.2.5 and 12.2.6. Easily "exploitable" vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle Applications Framework. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in Oracle Applications Framework, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of Oracle Applications Framework accessible data. CVSS 3.0 Base Score 4.7 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:C/C:N/I:L/A:N).
by Andrew Gill
CVSS 5.4
CVE-2017-10366 EXPLOITDB CRITICAL text
Oracle PeopleSoft Products <8.57 - RCE
Vulnerability in the PeopleSoft Enterprise PT PeopleTools component of Oracle PeopleSoft Products (subcomponent: Performance Monitor). Supported versions that are affected are 8.54, 8.55 and 8.56. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise PeopleSoft Enterprise PT PeopleTools. Successful attacks of this vulnerability can result in takeover of PeopleSoft Enterprise PT PeopleTools. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
by Vahagn Vardanyan
CVSS 9.8
EIP-2026-116109 EXPLOITDB text VERIFIED
PyroBatchFTP < 3.19 - Buffer Overflow
by Manuel García Cárdenas
CVE-2018-5282 EXPLOITDB HIGH text
Kentico Xperience 9.0-11.0 - Stack-based Buffer Overflow via SilentInstall XML Field
Kentico 9.0 through 11.0 has a stack-based buffer overflow via the SqlName, SqlPswd, Database, UserName, or Password field in a SilentInstall XML document. NOTE: the vendor disputes this issue because neither a buffer overflow nor a crash can be reproduced; also, reading XML documents is implemented exclusively with managed code within the Microsoft .NET Framework
by Vulnerability-Lab
CVSS 7.8
CVE-2018-5370 EXPLOITDB MEDIUM text
BizLogic xnami 1.0 - Cross-Site Scripting via Comment Parameter
BizLogic xnami 1.0 has XSS via the comment parameter in an addComment action to the /media/ajax URI.
by Dennis Veninga
CVSS 6.1
EIP-2026-112565 EXPLOITDB text
Taxi Booking Script 1.0 - Cross-site Scripting
by Tauco
CVE-2018-0749 EXPLOITDB HIGH text VERIFIED
Windows SMB Server - Elevation of Privilege via Specially Crafted Files
The Microsoft Server Message Block (SMB) Server in Windows 7 SP1, Windows 8.1 and RT 8.1, Windows Server 2008 SP2 and R2 SP1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way SMB Server handles specially crafted files, aka "Windows Elevation of Privilege Vulnerability".
by Google Security Research
CVSS 7.8
CVE-2018-0752 EXPLOITDB HIGH text VERIFIED
Windows Kernel API - Elevation of Privilege via Permission Assignment
The Windows Kernel API in Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way the Kernel API enforces permissions, aka "Windows Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2018-0751.
by Google Security Research
CVSS 7.8
CVE-2018-0751 EXPLOITDB HIGH text VERIFIED
Windows Kernel API - Improper Privilege Management
The Windows Kernel API in Windows 8.1 and RT 8.1, Windows Server 2012 and R2, Windows 10 Gold, 1511, 1607, 1703 and 1709, Windows Server 2016 and Windows Server, version 1709 allows an elevation of privilege vulnerability due to the way the Kernel API enforces permissions, aka "Windows Elevation of Privilege Vulnerability". This CVE ID is unique from CVE-2018-0752.
by Google Security Research
CVSS 7.1
CVE-2017-13209 EXPLOITDB HIGH text VERIFIED
Android 8.0-8.1 - Unauthenticated Missing Authorization in ServiceManager::add
In the ServiceManager::add function in the hardware service manager, there is an insecure permissions check based on the PID of the caller which could allow an application or service to replace a HAL service with its own service. This could lead to a local elevation of privilege enabling code execution as a privileged process with no additional execution privileges needed. User interaction is not needed for exploitation. Product: Android. Versions: 8.0, 8.1. Android ID: A-68217907.
by Google Security Research
CVSS 7.8
EIP-2026-114199 EXPLOITDB text
WordPress Plugin WordPress Download Manager 2.9.60 - Cross-Site Request Forgery
by Panagiotis Vagenas